EIP-2026-111181

PRE-CVE

PHPOutsourcing Zorum 3.x - Remote File Inclusion Command Execution

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-111181. PoCs published by MGhz.

AI-analyzed exploit summary The exploit demonstrates a remote file inclusion (RFI) vulnerability in Zorum by manipulating the 'gorumDir' parameter in include.php to load arbitrary PHP scripts from an external server. This allows remote command execution on the vulnerable host.

Description

PHPOutsourcing Zorum 3.x - Remote File Inclusion Command Execution

Exploits (1)

exploitdb WORKING POC VERIFIED
by MGhz · textwebappsphp
https://www.exploit-db.com/exploits/22195

The exploit demonstrates a remote file inclusion (RFI) vulnerability in Zorum by manipulating the 'gorumDir' parameter in include.php to load arbitrary PHP scripts from an external server. This allows remote command execution on the vulnerable host.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Zorum (version unspecified)
No auth needed
Prerequisites: Target server running Zorum with vulnerable include.php · Remote server hosting malicious PHP script
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026